Weekly status #211

tomp · August 16, 2021, 8:45am

Weekly status for the week of the 9th of August to the 15th of August.

Introduction

This past week LXD saw the addition of source NAT settings for ovn networks (which is the 1st part of [LXD] Floating IP addresses), and the ability to use cluster join tokens in the preseed config.

Work has also begun on adding io_uring support to liblxc, and Dqlite has gained a LIBDQLITE_TRACE environment variable to allow debug messages to be written to STDERR.

The LXD team is hiring

The LXD team at Canonical is currently looking for a Go software engineer to join our distributed team of engineers. We’re looking for candidates anywhere in Europe or the Americas!

All LXD positions are 100% remote with some travel for internal events and conferences.

LXD

New features:

Configurable source NAT addresses can now be specified on ovn networks using the ipv{n}.nat.address setting. The addresses must be allowed on the network’s uplink (via the ipv{n}.routes settings) and be allowed in restricted projects (via the restricted.networks.subnets setting). Additionally the NAT addresses used must also be routed to the ovn network’s router address (specified in volatile.network.ipv{n}.address) either manually or via a BGP advert, and by extension this means the uplink network must be operating in ovn.ingress_mode=routed mode.
A one-time cluster join token can now be specified in the LXD preseed config file, avoiding the need to use a shared trust password.

Improvements:

The lxd init command now accepts a --minimal flag which operates the same as specifying --auto without any other configuration flags.
The pci and proxy instance devices can now be restricted in projects using restricted.devices.pci and restricted.devices.proxy respectively.
The proxy instance device can no longer be used in nat=true mode when used inside a project with virtual networks (features.networks=true). This is because virtual networks are not reachable from the LXD host, and so DNAT forwarding cannot work.

Bug fixes:

Work around a regression in liblxc’s routed NIC support by explicitly setting the IPv4 broadcast address to 0.0.0.0.
Fixed a bug in the duplicate MAC address detection to allow instances to be moved between projects.

LXC

Work has begun on adding io_uring support, and improvements have been made to the bash autocompletion functionality. There have also been some fixes to the cgroup cpumask feature.

Youtube channel

We’ve started a Youtube channel with live streams covering LXD releases and its use in the wider ecosystem.

You may want to give it a watch and/or subscribe for more content in the coming weeks.

Contribute to LXD

Ever wanted to contribute to LXD but not sure where to start?
We’ve recently gone through some effort to properly tag issues suitable for new contributors on Github: Easy issues for new contributors

Upcoming events

Nothing to report this week

Ongoing projects

The list below is feature or refactoring work which will span several weeks/months and can’t be tied directly to a single Github issue or pull request.

Distrobuilder Windows support
Virtual networks in LXD
Various kernel work
Stable release work for LXC, LXCFS and LXD

Upstream changes

The items listed below are highlights of the work which happened upstream over the past week and which will be included in the next release.

LXD

LXC

LXCFS

Nothing to report this week

Distrobuilder

Dqlite (RAFT library)

Dqlite (database)

Tracing

Dqlite (Go bindings)

doc: Add documentation to restore DB or recover cluster

Distribution work

This section is used to track the work done in downstream Linux distributions to ship the latest LXC, LXD and LXCFS as well as work to get various software to work properly inside containers.

Ubuntu

Nothing to report this week

Snap

lxd: Cherry-pick upstream bugfixes